Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Heap-based buffer overflow in Floositek (1) FTGate Pro 1.05 and (2) FTGate Office 1.05 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long POP3 APOP USER command.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Floosietek FTGate APOP命令导致堆破坏漏洞
Vulnerability Description
Floosietek FTGatePRO和FTGateOffice是一款高性能,多功能的邮件服务程序,运行Microsoft Windows操作系统下。 FTGate在处理APOP命令时存在问题,可导致堆破坏而使攻击者以FTGate服务进程权限执行任意代码。 APOP命令是一个POP3服务器安全增强验证命令,攻击者可以向APOP命令提供超长的字符串(1k-2k)导致破坏堆中的内存结构,当调用free()时,可被攻击者利用写任意值到任意内存位置,而导致以FTGate服务进程权限执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A